npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@bluealba-public/pae-microservices-runtime-sdk

v1.0.2

Published

Utilities for microservices in runtime

Downloads

14

Readme

pae-microservices-runtime-sdk

Quality Gate Status Bugs Code Smells Coverage Duplicated Lines (%) Lines of Code Reliability Rating Security Rating Technical Debt Maintainability Rating Vulnerabilities

Provides utilities to create PAE microservices related to the PAE architecture such as Authentication, Authorization, Impersonation, etc.

Middlewares

It provides a set of middlewares to intercept microservices routes

auth()

This middleware checks that the user is authenticated. If not then it returns 403 Forbidden. If the user is authenticated (has a session) then it modifies req.user to set the current user's session

ExpressJS

Sample usage with ExpressJS

const { middlewares } = require('@bluealba/pae-microservices-runtime-sdk')

// WARNING: you must have cookieParser middleware in place !
app.use(cookieParser())

// Here we set the middleware for a specific route
app.get('/', middlewares.auth(), (req, res) => {
  res.json({
    message: "hello",
    user: req.user, // and after that we can access req.user
  })
})

Notice that you must have cookieParser in place for this to work. Otherwise the middleware will always reject with 403.

NestJS

Sample usage with NestJS

import { MiddlewareConsumer, Module, NestModule } from '@nestjs/common';
import cookieParser from 'cookie-parser';
import microservices from '@bluealba/pae-microservices-runtime-sdk';

import { AppController } from './app.controller';
import { AppService } from './app.service';

@Module({
  imports: [],
  controllers: [AppController],
  providers: [AppService]
})
export class AppModule implements NestModule {
  configure (consumer: MiddlewareConsumer) {
    // Again here we need cookieParser first
    consumer
        .apply(cookieParser())
        .forRoutes('/time');
    // then setup the PAE auth middleware
    consumer
        .apply(microservices.middlewares.auth())
        .forRoutes('/time');
  }
}

In this case we are protecting the /time endpoint of the module.

If you want to set the middleware globally for all routes of a module you can do

const app = await NestFactory.create(AppModule);
app.use(cookieParser);
app.use(microservices.middlewares.auth());

See NestJS Global Middlewares

User Object Shape

The injected req.user object has the following type, which is a core type of PAE shared by

  • pae-authentication-service: which is the one that creates the object and stores the session
  • this library: which consumes the session
  • pae-orchestrator-service: which does a similar job as this middleware but to inject the same object into every microfrontend application
export type Session = {
  id: string;
  
  /**
   * The unique user name
   */
  username: string;
  
  /**
   * A human-friendly name
   */
  displayName: string;

  /**
   * The original User object as returned by the Identity Provider.
   */
  orig: unknown;

  /**
   * The code name of the authentication Identity Provider. For example: okta, github, cognito, etc.
   */
  authProviderName: string;

  /**
   * The list of allowed operations in terms of PAE Authorization.
   */
  operations: string[];
  
  /**
   * It the user is being impersonated by another user then it contains information about the real impersonating User.
   */
  impersonatedBy?: {
    username: string;
    displayName: string;
  }

  /**
   * Internal Identity Provider session tokens.
   * This doesn't apply to Basic Authentication but for all other OAuth methods.
   */
  tokens?: {
    access_token: string;
    id_token: string;

    token_type?: string;
    expires_in?: number;
    scope?: string;
    refresh_token?: string;
  },
};

Here is a sample req.user object

{
  "authProviderName": "okta",
  "displayName": "Javier Fernandes",
  "username": "[email protected]",
  "operations": [
    "operation-1", "operation-2", "operation-3", "operation-4"
  ],
  "orig": {
    "sub": "99dasff0pOzmPQg1234",
    "name": "Javier Fernandes",
    "locale": "AR",
    "nickname": "Javier",
    "preferred_username": "[email protected]",
    "given_name": "Javier",
    "family_name": "Fernandes",
    "zoneinfo": "America/Argentina/Buenos_Aires",
    "updated_at": 1711637822
  },
  "tokens": {
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "offline_access profile openid",
    "access_token": "SOME_TOKEN",
    "id_token": "SOME_TOKEN",
    "refresh_token": "SOME_TOKEN"
  },
  "iat": 1717441563,
  "exp": 1717527963
}